Set-Cookie: __cfduid=deb5dc89bf1f062a1d217da881eebaaa71509637158; expires=Fri, 02-Nov-18 15:39:18 GMT; path=/; Domain=www.hackerone.com; HttpOnly; Secure
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Content-Security-Policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; child-src www.youtube-nocookie.com app-sj17.marketo.com; connect-src 'self' hackerone.com *.mktoresp.com checkout.stripe.com; font-src 'self'; form-action 'self' syndication.twitter.com platform.twitter.com; frame-ancestors 'self'; frame-src www.youtube.com www.youtube-nocookie.com app-sj17.marketo.com boards.greenhouse.io platform.twitter.com syndication.twitter.com checkout.stripe.com; img-src 'self' data: www.google-analytics.com syndication.twitter.com platform.twitter.com *.twimg.com q.stripe.com; media-src 'self'; script-src 'self' www.google-analytics.com app-sj17.marketo.com munchkin.marketo.net boards.greenhouse.io platform.twitter.com cdn.syndication.twimg.com checkout.stripe.com; style-src 'self' 'unsafe-inline' app-sj17.marketo.com boards.greenhouse.io boards-use1-cdn.greenhouse.io platform.twitter.com checkout.stripe.com; report-uri https://errors.hackerone.net/api/30/csp-report/?sentry_key=61c1e2f50d21487c97a071737701f598
X-Drupal-Dynamic-Cache: HIT
X-Cache: HIT
Server: cloudflare-nginx
Via: 1.1 varnish-v4
X-Varnish: 1409683 1409645
ETag: W/"1509053144"
X-Content-Type-Options: nosniff
Vary: Cookie,Accept-Encoding,X-Geo-Country
Last-Modified: Thu, 26 Oct 2017 21:25:44 GMT
X-AH-Environment: prod
HTTP/1.1 200 OK
X-Request-ID: v-d3cb85ee-bfe3-11e7-b0a1-028fcce85eda
Connection: keep-alive
Date: Thu, 02 Nov 2017 15:39:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Geo-Country: FR
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300, public
Age: 71
Content-language: en
X-Cache-Hits: 1
X-Frame-Options: DENY
CF-RAY: 3b782f92387c233c-FRA
X-Generator: Drupal 8 (https://www.drupal.org)
Transfer-Encoding: chunked
X-Xss-Protection: 1; mode=block
X-Drupal-Cache: HIT
X-UA-Compatible: IE=edge